package cn.zyx.Config;


import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;


import javax.annotation.Resource;
import javax.sql.DataSource;

/**
 * @author Zhou
 * @since 2021/11/19 15:48
 */
@Configuration
public class UsersConfig extends WebSecurityConfigurerAdapter {
    @Resource
    MyAccessDeniedHandler myAccessDeniedHandler;


    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin().loginPage("/pages/login.html").permitAll() //登录页面跳转请求
                .loginProcessingUrl("/login").permitAll() //登录发起的post请求方法//
                .successHandler(new MyAuthenticationSuccessHandler("index.html"))
                .failureForwardUrl("/fail"); //无权限页面
        http.authorizeRequests() // 认证配置
                .antMatchers("/member-del.html").hasAnyAuthority("del")
                .antMatchers("/lib/**", "/images/**", "/js/**", "/fonts/**", "/css/**","/data/**", "/login", "/hello","/wxlogin","/weixinpay","/phoneNum","/chwlinfo/**","/credit/**","/message/**","/movie/**","/oil/**","/phone/**","/power/**","/user/**","/vip/**","/refund").permitAll() //设置哪些路径可以直接访问，不需要认证
                .anyRequest() // 任何请求
                .authenticated() // 都需要身份验证
                .and().csrf().disable(); //关闭cors
        http.exceptionHandling().accessDeniedHandler(myAccessDeniedHandler);

        http.headers().frameOptions().disable();
    }
}
